<?php
/**
* chats API接口主程序
* 
* 无简介
* @author xzqiaochu(www.xzzhangqiaochu.top)
* @version v1.0.0.200202_beta
*/
error_reporting(E_ALL);
define('IN_SYS', true);
date_default_timezone_set('Asia/Shanghai');
header('content-type:text/html;charset=utf-8');

require_once './inc/aes.inc.php';
require_once './inc/err.inc.php';
require_once './inc/login.inc.php';
require_once './inc/message.inc.php';
require_once './inc/random.inc.php';
require_once './inc/session.inc.php';
require_once './inc/user.inc.php';

/**
* json响应函数
*
* 程序将在调用本函数后结束
* @param string $status 响应状态
* @param string $context 响应内容
* @param string $reason 失败原因
*/
function reply($status, $context = '', $reason = '') {
    $resopnse['status'] = $status;
    if ($context != '')
        $resopnse['context'] = $context;
    if ($reason != '')
        $resopnse['reason'] = $reason;
    echo json_encode($resopnse);
    exit(0);
}

if (empty($_REQUEST['action']))
    exit(0);

Session::start();

/**
* 获取key请求
* api.php?action=getkey
* {"status":"success"/"fail"/"error"，"context":"***"}
*/
if ($_REQUEST['action'] == 'getkey') {
    $key = Login::setKey();
    reply('success', $key);
}

/**
* 登录请求
* api.php?action=loginon&uname=***&pwd=***
* {"status":"success"/"fail"/"error",
*  "reason":"need_uname&pwd"/"no_key"/"wrong"}
*/
if ($_REQUEST['action'] == 'loginon') {
    if (empty($_REQUEST['uname']) || empty($_REQUEST['pwd']))
        reply('fail', '', 'need_uname&pwd');
    if (empty($_SESSION['key']))
        reply('fail', '', 'no_key');
    $uname = $_REQUEST['uname'];
    $uid = User::getUid($uname);
    if ($uid === false) //此处必须是===，不然0==false
        reply('fail', '', 'wrong'); //用户名不存在
    $in_pwd = $_REQUEST['pwd'];
    if (Login::checkPwd($uid, $in_pwd)) {
        Login::loginOn($uid);
        Login::delKey();
        reply('success');
    } else {
        reply('fail', '', 'wrong'); //密码错误
    }
}

/**
* 获取AES密钥请求
* api.php?action=getaes
* {"status":"success"/"fail"/"error",
*  "context":"***",
*  "reason":"no_login"}
*/
if ($_REQUEST['action'] == 'getaes') {
    if (!Login::isLogin())
        reply('fail', '', 'no_login');
    $uid = $_SESSION['uid'];
    if (User::getUname($uid) == false)
        reply('fail', '', 'please_login_again'); //若用户被删除，会发生此情况
    $aes = Aes::set($uid);
    reply('success', $aes);
}

/**
* 获取聊天记录MD5请求
* api.php?action=getmsgmd5
* {"status":"success"/"fail"/"error",
*  "context":"***",
*  "reason":"no_login"}
*/
if ($_REQUEST['action'] == 'getmsgmd5') {
    if (!Login::isLogin())
        reply('fail', '', 'no_login');
    $data_md5 = Message::getMd5();
    reply('success', $data_md5);
}

/**
* 获取聊天记录请求
* api.php?action=getmsg
* {"status":"success"/"fail"/"error",
*  "context":"***",
*  "reason":"no_login"/"no_set_aes"}
*/
if ($_REQUEST['action'] == 'getmsg') {
    if (!Login::isLogin())
        reply('fail', '', 'no_login');
    if (empty($_SESSION['aes']))
        reply('fail', '', 'no_set_aes');
    $data = Message::getAll();
    $data_encrypt = Aes::encrypt($data);
    reply('success', $data_encrypt);
}

/**
* 发送聊天信息请求
* api.php?action=sendmsg&msg=***&md5=***
* {"status":"success"/"fail"/"error",
*  "reason":"need_msg&md5",
*           "no_login"/"no_set_aes"/"can_not_decrypt"/"md5_check_wrong"}
*/
if ($_REQUEST['action'] == 'sendmsg') {
    if (!Login::isLogin())
        reply('fail', '', 'no_login');
    if (empty($_REQUEST['msg']) || empty($_REQUEST['md5']))
        reply('fail', '', 'need_msg&md5');
    if (empty($_SESSION['aes']))
        reply('fail', '', 'no_set_aes');
    $msg_encrypt = $_REQUEST['msg'];
    $msg_md5 = $_REQUEST['md5'];
    $msg = Aes::decrypt($msg_encrypt);
    if ($msg == false)
        reply('fail', '', 'can_not_decrypt');
    if (md5($msg) != $msg_md5)
        reply('fail', '', 'md5_check_wrong');
    $uid = $_SESSION['uid'];
    $uname = User::getUname($uid);
    if ($uname == false)
        reply('fail', '', 'please_login_again'); //若用户被删除，会发生此情况
    Message::add($uid, $uname, $msg);
    reply('success');
}

/**
* 退出登录请求
* api.php?action=loginout
* {"status":"success"/"fail"/"error"
*  "reason":"no_login"}
*/
if ($_REQUEST['action'] == 'loginout') {
    if (!Login::isLogin())
        reply('fail', '', 'no_login');
    Login::loginOut();
    Aes::del();
    reply('success');
}

reply('fail', '', 'unknown');
